CVE-2005-3671

Publication date 18 November 2005

Last updated 24 July 2024


Ubuntu priority

The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

Status

Package Ubuntu Release Status
openswan 7.10 gutsy
Fixed 1:2.4.4-1
7.04 feisty
Fixed 1:2.4.4-1
6.10 edgy
Fixed 1:2.4.4-1
6.06 LTS dapper
Fixed 1:2.4.4-1